gpgsm: Allow decryption with a card returning a PKCS#1 stripped key.

* sm/decrypt.c (prepare_decryption): Handle a 16 byte session key. -- GnuPG-bug-id: 2230 Signed-off-by: Werner Koch <wk@gnupg.org>
author: Werner Koch <wk@gnupg.org> 2016-11-29 19:19:45 +0100
committer: Werner Koch <wk@gnupg.org> 2016-11-29 19:19:55 +0100
commit: 8489b12211098ad58c008cfb74b5cb91849cf68d (patch)
tree: d909ae0ad861f110d17521d4a3d34977959808ff /sm/decrypt.c
parent: agent,w32: Initialize nPth in server mode. (diff)
download: gnupg2-8489b12211098ad58c008cfb74b5cb91849cf68d.tar.xz
gnupg2-8489b12211098ad58c008cfb74b5cb91849cf68d.zip
1 files changed, 5 insertions, 3 deletions
diff --git a/sm/decrypt.c b/sm/decrypt.c
index 11c1cf844..a2907f668 100644
--- a/sm/decrypt.c
+++ b/sm/decrypt.c
@@ -74,10 +74,12 @@ prepare_decryption (ctrl_t ctrl, const char *hexkeygrip, const char *desc,
     log_printhex ("pkcs1 encoded session key:", seskey, seskeylen);
 
   n=0;
-  if (seskeylen == 24)
+  if (seskeylen == 24 || seskeylen == 16)
     {
-      /* Smells like a 3-des key.  This might happen because a SC has
-         already done the unpacking. */
+      /* Smells like a 3-DES or AES-128 key.  This might happen
+       * because a SC has already done the unpacking.  A better
+       * solution would be to test for this only after we triggered
+       * the GPG_ERR_INV_SESSION_KEY. */
     }
   else
     {
author	Werner Koch <wk@gnupg.org>	2016-11-29 19:19:45 +0100
committer	Werner Koch <wk@gnupg.org>	2016-11-29 19:19:55 +0100
commit	8489b12211098ad58c008cfb74b5cb91849cf68d (patch)
tree	d909ae0ad861f110d17521d4a3d34977959808ff /sm/decrypt.c
parent	agent,w32: Initialize nPth in server mode. (diff)
download	gnupg2-8489b12211098ad58c008cfb74b5cb91849cf68d.tar.xz gnupg2-8489b12211098ad58c008cfb74b5cb91849cf68d.zip